In recent years, cars, trucks, and buses have been equipped with many in-vehicle ECUs (Electronic Control Units), each controlling a functional unit. The ECUs are connected to one another through in-vehicle networks so that they can collaborate.
Typically, the control programs of an in-vehicle ECU are stored in a storage unit, such as the Flash ROM (Read Only Memory) of a microcomputer embedded in the in-vehicle ECU. The versions of the control programs are managed by manufacturers, with the intent that both the isolated function of each ECU and the collaboration through the in-vehicle network work properly when formal software versions are combined.
Therefore, from a security standpoint, it cannot be ignored if in-vehicle ECUs with unintended software, or intentionally falsified in-vehicle ECUs, are connected to the in-vehicle network.
Attestation certifies the authenticity of each in-vehicle ECU itself, or the authenticity of all related in-vehicle ECUs. When attestation is obtained, it is proved that the appropriate programs intended by the manufacturer are combined and that the intended controls are performed.
Patent Literature 1 listed below describes a method in which a common key or a common key generation source is shared among multiple in-vehicle ECUs, and the attestation mentioned above is performed based on whether ECUs that are assumed to share the common key information can establish encrypted communication with each other.
Patent Literature 2 listed below describes a common key distribution method using the KPS (Key Predistribution System) scheme. This scheme may be utilized in Patent Literature 1 as the common key generation source.
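
The two approaches summarized above, combined in one added example (not code from Patent Literature 1 or 2 or from this document): a key center predistributes shares, two ECUs derive a common key from them, and a verifier accepts a peer only if the peer proves possession of that key. Assumptions: a symmetric-polynomial (Blom-style) construction stands in for the KPS scheme, an HMAC challenge-response stands in for establishing encrypted communication, and all function names, ECU identifiers and the modulus are constructed.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # prime modulus, constructed for this example

def make_center(t):
    """Key center secret: symmetric (t+1)x(t+1) coefficients of f(x, y) mod P."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = secrets.randbelow(P)
    return a

def issue_share(center, ecu_id):
    """Per-ECU key generation source: coefficients of g(y) = f(ecu_id, y)."""
    n = len(center)
    return [sum(center[i][j] * pow(ecu_id, i, P) for i in range(n)) % P
            for j in range(n)]

def common_key(share, peer_id):
    """Evaluate own share at the peer ID; symmetry gives both sides f(a, b)."""
    k = sum(c * pow(peer_id, j, P) for j, c in enumerate(share)) % P
    return hashlib.sha256(k.to_bytes(16, "big")).digest()

def respond(key, nonce, ecu_id):
    """Prove key possession: MAC over a fresh nonce bound to the ECU ID."""
    return hmac.new(key, nonce + ecu_id.to_bytes(4, "big"), hashlib.sha256).digest()

def attest(verifier_share, peer_id, peer_responder):
    """Verifier accepts the peer only if it answers with the expected common key."""
    nonce = secrets.token_bytes(16)
    expected = respond(common_key(verifier_share, peer_id), nonce, peer_id)
    return hmac.compare_digest(expected, peer_responder(nonce))

def demo():
    center = make_center(t=3)       # resists collusion of up to 3 ECUs
    gw_id, brake_id = 0x10, 0x21    # constructed ECU identifiers
    gw, brake = issue_share(center, gw_id), issue_share(center, brake_id)
    genuine = lambda n: respond(common_key(brake, gw_id), n, brake_id)
    forged = [secrets.randbelow(P) for _ in range(4)]  # ECU never provisioned
    rogue = lambda n: respond(common_key(forged, gw_id), n, brake_id)
    return attest(gw, brake_id, genuine), attest(gw, brake_id, rogue)

if __name__ == "__main__":
    print(demo())
```

Passing this check shows only that the peer holds a valid share; it says nothing about which program version the ECU is running.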